Vulnerability Analyst is required to work for a large enterprise on a fully remote basis. The vulnerability analyst must have at least five years of experience working as a vulnerability analyst and ideally either the Tenable or ServiceNow Secops module VM tooling experience.

This is a security cleared position and all candidates have to currently be S/C cleared and are able to transfer clearance to this programme. All candidates will hold full UK citizenship.

Primary Purpose:

Provide immediate operational relief while baselining VM data in ServiceNow - SecOps VR. Remove false positives, process exceptions, support reporting, prioritise risk, and work down historical backlog.Responsibilities

• Work through vulnerability backlog using Tenable VM and ServiceNow - SecoPs VR.
• Improve reporting with context, trend analysis, root cause identification, and risk-based insight for:
• Monthly BU reports
• Executive reports
• Management forums
• Weekly remediation team calls
• Weekly operational VM report
• Establish a credible as-is baseline by:
• Documenting exceptions
• Removing false positives
• Tuning tools
• Ensuring data accuracy and completeness
• Identify systemic root causes and recurring false positives.
• Support remediation planning for:
• High-risk areas
• High-volume vulnerability clusters
• Repeating vulnerabilities
• Investigate and raise credentialed-scan failures (eg, SSH or SMB login failure during scans). Ensuring these are visible in Tenable outputs/plugins
• Continue platform health improvements with Security Engineering and ServiceNow SecOps teams.

Success Criteria

• Backlog visibly reduces with downward trends.
• Reports are accurate, contextual, risk-based, and actionable.
• VM data becomes trusted and recognised as the single source of truth across the enterprise.